RvdSchaft
asked on
Windows 2008 server unreachable
I've the following problem:
I'm working with a 2 server environment (SBS 2003 and windows 2008 standard)
W2K8 is used for terminal server services, implemented 1,5 month ago
both servers are connected to two networks:
internal LAN 192.168.1.0/24 - servers - external LAN 10.0.0.0/24 - ADSL and SDSL modem - internet
up to last week things where working just fine. All remote clients could use the terminal services.
Somewhere last week connection was lost. After some testing I found the following
From a node on the internal network:
All clients and the SBS2K3 server are reachable (RDC and ping)
I can not start a RDC session to the W2K8 server
I do not receive a ping reply from the W2K8 server
I have disabled the firewall on W2K8 (disabled windows firewall service) but no result
Direct on console W2K8
I can start a RDC session to any node
I can ping all clients on all connected networks
I'm working with a 2 server environment (SBS 2003 and windows 2008 standard)
W2K8 is used for terminal server services, implemented 1,5 month ago
both servers are connected to two networks:
internal LAN 192.168.1.0/24 - servers - external LAN 10.0.0.0/24 - ADSL and SDSL modem - internet
up to last week things where working just fine. All remote clients could use the terminal services.
Somewhere last week connection was lost. After some testing I found the following
From a node on the internal network:
All clients and the SBS2K3 server are reachable (RDC and ping)
I can not start a RDC session to the W2K8 server
I do not receive a ping reply from the W2K8 server
I have disabled the firewall on W2K8 (disabled windows firewall service) but no result
Direct on console W2K8
I can start a RDC session to any node
I can ping all clients on all connected networks
Nothing been added to network with same IP as 08 box? No hops between servers, both on same flat subnet? Are the two servers using same DNS server? Try restarting DNS. Also look here -->http://patrickyong.wordpress.com/2008/05/04/enable-ping-replies-on-windows-server-2008/
ASKER
Suppsaws,
The server was added as a simple member server in the domain, with access to the AD of the sbs2003 box.
As I mentioned, the whole setup worked just fine for more than a monthand a half , this includes reboots from both servers.
Thingathewinga,
there are no conflicts in the networks, all the IP addresses are static.
Both servers are attached to the same networks, no hops included.
The DNS server is running on the SBS box, and is the only name server in the network (uses forwarders to connect to the internet).
The suggestion enabling ping replies on a 2008 box was already done by me during initial setup
The server was added as a simple member server in the domain, with access to the AD of the sbs2003 box.
As I mentioned, the whole setup worked just fine for more than a monthand a half , this includes reboots from both servers.
Thingathewinga,
there are no conflicts in the networks, all the IP addresses are static.
Both servers are attached to the same networks, no hops included.
The DNS server is running on the SBS box, and is the only name server in the network (uses forwarders to connect to the internet).
The suggestion enabling ping replies on a 2008 box was already done by me during initial setup
you'd better join the server to the domain as it should be, the sbs way, as in the article.
Don't forget this is an SBS domain, and that is also SBS applying policies (firewall policies etc) to the windows server 2008 server.
But actually the no-ping replies must be firewall or antivirus etc.
Disable all related software, and make sure the ping replies work to begin with.
Don't forget this is an SBS domain, and that is also SBS applying policies (firewall policies etc) to the windows server 2008 server.
But actually the no-ping replies must be firewall or antivirus etc.
Disable all related software, and make sure the ping replies work to begin with.
ASKER
suppsaws,
I gonna diable the firewall and antivirus software as suggested, and see what happens.
secondly, I will also try the sbs way to ad a 2008 server.
I come back to you as soon as I have some information.
Robin
I gonna diable the firewall and antivirus software as suggested, and see what happens.
secondly, I will also try the sbs way to ad a 2008 server.
I come back to you as soon as I have some information.
Robin
ASKER
ok,
I found the following
- deinstalled Antivirus
- disabled windows firewall
-> no ping.
removed the 2008 box from domain
restarted the server and logged on locally
-> ping replies and RDC (firewall is enabled)
I rejoined server in the domain, according to the above mentioned document (as a member server)
restarted en and logged on
-> no ping (tried firewall enabled and disabled)
To verify all this is correct, I once again removed the server form the domain and restarted the box.
once again, full ping reply and RDC from all nodes.
Robin
I found the following
- deinstalled Antivirus
- disabled windows firewall
-> no ping.
removed the 2008 box from domain
restarted the server and logged on locally
-> ping replies and RDC (firewall is enabled)
I rejoined server in the domain, according to the above mentioned document (as a member server)
restarted en and logged on
-> no ping (tried firewall enabled and disabled)
To verify all this is correct, I once again removed the server form the domain and restarted the box.
once again, full ping reply and RDC from all nodes.
Robin
and can you manually allow ping requests?
If I'me not mistaken :
Open Windows Firewall
Click the Advanced tab
Under ICMP, click Settings
Select the Allow Incoming Echo Request checkbox
If I'me not mistaken :
Open Windows Firewall
Click the Advanced tab
Under ICMP, click Settings
Select the Allow Incoming Echo Request checkbox
btw, some more info here:
http://www.windowsecurity.com/articles/Windows-Server-2008-Firewall-Advanced-Security-Part3b.html
http://www.windowsecurity.com/articles/Windows-Server-2008-Firewall-Advanced-Security-Part3b.html
ASKER
I've already manually allowed ping requests on 2008. This is done as thingathewinga suggested.
The settings in the firewall don't change when I add the server as a member to the domain.
Only the fact that a server is using the domain option when in a domain and the public / private options when stand alone.
As I mentioned earlier, when I disable the firewall (in sevices) the problem persists, only when the server is member of the domain. when in stand alone mode, evrything is oke, with and without an active firewall.
The settings in the firewall don't change when I add the server as a member to the domain.
Only the fact that a server is using the domain option when in a domain and the public / private options when stand alone.
As I mentioned earlier, when I disable the firewall (in sevices) the problem persists, only when the server is member of the domain. when in stand alone mode, evrything is oke, with and without an active firewall.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The server is in the SBSServer OU.
When I first configured the server it was with a fixed IP, both NIC's are haveing a fixed IP
The server is using the DNS server on the SBS box
hang-on...
I think I figured it out. You triggerd me with the question about the server in SBSserver OU. This is the case, but when I joined the server in the domain it was added under computers. I probably have moved the server from this location to SBSSevers OU.
Now I've relocated the server object to computers OU and everything is working again.
the problem was most likely related to group policies. I've to figure that out as well. But sofar it's working.
Thanks for the support, the 500 points will be rewarded to you.
When I first configured the server it was with a fixed IP, both NIC's are haveing a fixed IP
The server is using the DNS server on the SBS box
hang-on...
I think I figured it out. You triggerd me with the question about the server in SBSserver OU. This is the case, but when I joined the server in the domain it was added under computers. I probably have moved the server from this location to SBSSevers OU.
Now I've relocated the server object to computers OU and everything is working again.
the problem was most likely related to group policies. I've to figure that out as well. But sofar it's working.
Thanks for the support, the 500 points will be rewarded to you.
how was this server joined to the SBS domain?
http://technet.microsoft.com/en-us/library/cc794703.aspx
Regards,
suppsaws